10DLC website requirements


As carriers evolve their 10DLC requirements to prevent spam messages, we are committed to helping keep your organization compliant. For users submitting new Use Cases, there are additional fields for a Contact Source URL and a Privacy Policy URL on the Brand Registration page

Why does my organization need a URL to our website?

As malicious actors continue using the texting medium to send spam, carriers have instituted a manual verification level above The Campaign Registry. In an effort to reduce spam, carriers are vetting an organization's website to ensure that they have a place where a contact can opt into text messages knowingly, and can reference a privacy policy about how their information will be used. However, this does not mean that opt-in is required to send texts. Click here for more information about 10DLC and opt-ins.


Already Registered?

If your organization has already registered its Use Case before manual vetting was required, your Account Owners will be prompted to input your organization's URL. A prompt will appear when navigating to the Brand & Use Case Registration page for easy updating. Please link to your main site homepage.


Use Case Registration 

For a Use Case to pass manual vetting, your website must include both a Contact Source URL and Privacy Policy page during use case registration.


Contact Source URL

Carriers are looking to ensure that message senders support opt-in mechanisms for users. They are looking for a valid URL, specific to the organization in your brand registration, where an organization collects phone numbers from contacts. This URL should take the person verifying the application directly to the phone number collection page. To fulfill all the requirements for the contact source URL, the third-party vetting team verifies that the URL has:

  • a phone number input field
  • opt-in language
  • an easily discoverable link to the privacy policy 

An example of opt-in language would be:

"By providing your phone number, you agree to receive text messages from this organization. Message and data rates may apply. Message frequency varies."

The opt-in language should ideally be adjacent to the phone number input field. Here's an example of what that may look like:


Privacy Policy

Carriers need to see a page dedicated to the privacy policy on your organization's website that discloses how your organization may collect, use, and share personal information. Privacy policies should ensure the protection of user information from unauthorized access, use, and disclosure. For best practices, it's recommended to craft a personalized privacy policy addressing the following key points:

  • The type of information your organization collects
  • How your organization collects that information from users
  • How your organization uses and shares any information collected
  • Explicitly states you do not share or sell personal information with third parties without consent or legal obligation
  • How users can unsubscribe/opt-out from text messages from your organization
  • Explain how your organization protects user data


Carriers are particularly vigilant regarding language that could be interpreted as your organization sharing information with third parties for marketing purposes. Your privacy policy should clearly indicate that you only share personal information with third parties solely for essential business operations and explicitly state that personal information will otherwise not be shared with third parties without consent or legal obligation.


There are two crucial aspects your privacy policy must cover. The absence of either of these elements will result in the rejection of the use case, however, this information on its own will not fulfill the requirements for the privacy policy URL. We provide examples of these in the next section.

  1. Your privacy policy must explicitly state that your organization does not share or sell personal information with third parties without consent, except when legally required to do so. 
  2. Your privacy policy must share information about how to opt out of further communications, particularly text messages.


Examples of Required Language:

We recommend asserting your commitment to not sharing information with third parties without consent or legal obligation with the following language:

"[Your organization] maintains strict privacy policies, ensuring that personal information of our users and members is not sold, rented, released, or traded to others without prior consent or a legal obligation."

To share opt-out information with users, we recommend sharing the following language in your privacy policy:

"SMS Opt-Out: If you are receiving text messages from us and wish to stop receiving them, simply respond with either “STOP” or “UNSUBSCRIBE” to the number from which you received the message. Once we receive your message, you will no longer receive further text messages from us."

Creating your Privacy Policy

It is recommended that you create a personalized privacy policy that pertains to your organization based on the points outlined above; however, if you need assistance crafting your organization's privacy policy, you can utilize a privacy policy generator to assist in creating one. You can read more about this here: Online Resources for Privacy Policies.


You can also reference GetThru's privacy policy here: https://www.getthru.io/privacy-policy


If your site doesn't include a contact source URL and/or privacy policy already, adding them is necessary to help your organization get approval through manual vetting. If a use case fails manual vetting, your site must be updated to fulfill the requirements, which will require restarting the manual vetting process. 


Before You Submit

Take this quiz to determine if your contact source URL and privacy policy URL fulfill all the necessary requirements.


We recommend sharing your privacy policy with GetThru Support for review prior to adding it to your website, in case any revisions are required. Please write to support@getthru.io if you have any questions or difficulty adding your website!